Social Networks safety and security

Social Networks | StaySafeOnline.org: " SOCIAL NETWORKS Facebook, Twitter, Google+, YouTube, Pinterest, LinkedIn and other social networks have become an integral part of online lives. Social networks are a great way to stay connected with others, but you should be wary about how much personal information you post."

Have your family follow these tips to safely enjoy social networking:
  • Privacy and security settings exist for a reason: Learn about and use the privacy and security settings on social networks. They are there to help you control who sees what you post and manage your online experience in a positive way.
  • Once posted, always posted: Protect your reputation on social networks. What you post online stays online. Think twice before posting pictures you wouldn’t want your parents or future employers to see. Recent research (http://www.microsoft.com/privacy/dpd/research.aspx) found that 70% of job recruiters rejected candidates based on information they found online.
  • Your online reputation can be a good thing: Recent research (http://www.microsoft.com/privacy/dpd/research.aspx) also found that recruiters respond to a strong, positive personal brand online. So show your smarts, thoughtfulness, and mastery of the environment.
  • Keep personal info personal: Be cautious about how much personal information you provide on social networking sites. The more information you post, the easier it may be for a hacker or someone else to use that information to steal your identity, access your data, or commit other crimes such as stalking.
  • Know and manage your friends: Social networks can be used for a variety of purposes. Some of the fun is creating a large pool of friends from many aspects of your life. That doesn’t mean all friends are created equal. Use tools to manage the information you share with friends in different groups or even have multiple online pages. If you’re trying to create a public persona as a blogger or expert, create an open profile or a “fan” page that encourages broad participation and limits personal information. Use your personal profile to keep your real friends (the ones you know trust) more synched up with your daily life.
  • Be honest if you’re uncomfortable: If a friend posts something about you that makes you uncomfortable or you think is inappropriate, let them know. Likewise, stay open-minded if a friend approaches you because something you’ve posted makes him or her uncomfortable. People have different tolerances for how much the world knows about them respect those differences. 
Know what action to take: If someone is harassing or threatening you, remove them from your friends list, block them, and report them to the site administrator.

Protect Yourself with these STOP. THINK. CONNECT. Tips:
  • Keep a clean machine: Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats.
  • Own your online presence: When applicable, set the privacy and security settings on websites to your comfort level for information sharing. It’s ok to limit how you share information.
  • Make passwords long and strong: Combine capital and lowercase letters with numbers and symbols to create a more secure password.
  • Unique account, unique password: Separate passwords for every account helps to thwart cybercriminals.
  • When in doubt, throw it out: Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete or if appropriate, mark as junk email.
  • Post only about others as you have them post about you. 
more news below



Backdoor.AndroidOS.Obad.a, malware

New Android malware should be wake-up call for security admins | TechRepublic: "Nicknamed Backdoor.AndroidOS.Obad.a, this malware used a hole in the code packing system to create an executable that should be found invalid, but still gets processed on an Android smartphone, by planting deliberate errors in the AndroidManifest file. Once there, it can get elevated to the Device Administrator status, but using a security hole in Android, it will not get listed in the apps listing, making it impossible to remove. And the complexity doesn’t stop there. The malware uses a lot of encryption to keep all of its variable names secret, and it will go out through a network connection, downloading a part of the Facebook home page, and use that as its encryption key, to ensure it is truly online and able to connect to its control servers. . . ." (read more at link above)

more news below



NSA Nightmare: Contract Worker goes Rogue

Leaker’s Employer Became Wealthy by Maintaining Government Secrets: "Edward J. Snowden’s employer, Booz Allen Hamilton, has become one of the largest and most profitable corporations in the United States almost exclusively by serving a single client: the government of the United States. Over the last decade, much of the company’s growth has come from selling expertise, technology and manpower to the National Security Agency and other federal intelligence agencies. Booz Allen earned $1.3 billion, 23 percent of the company’s total revenue, from intelligence work during its most recent fiscal year. The government has sharply increased spending on high-tech intelligence gathering since 2001, and both the Bush and Obama administrations have chosen to rely on private contractors like Booz Allen for much of the resulting work. Thousands of people formerly employed by the government, and still approved to deal with classified information, now do essentially the same work for private companies."

more news below



They are watching you right through your webcam

Smile! Hackers Can Silently Access Your Webcam Right Through The Browser (Again) | TechCrunch: " . . .The basic technique, dubbed Clickjacking, is nothing new. I’d actually generally avoid writing about things like this, if it were new, to keep the word from spreading before the companies got a chance to fix it — but these techniques are already very well known in the hacking world. In fact, a post on Adobe’s security blog suggests that they fixed the bug (or a similar one) way back in 2011. “No user action or Flash Player product update are required,” it reads. And yet… it still works. We tested the proof of concept on the latest build of Chrome for Mac, and it pulled from our webcam without issue or any visible prompt. Others have found the exploit to work on IE10, but it seems to be patched on the most recent releases of Safari and Firefox. When it works, the only evidence that the camera was ever accessed is a near instant and oh-so-easy-to-miss blink of the LED indicator. . . ."

more news below



US Agencies Data Swaps

U.S. Agencies Said to Swap Data With Thousands of Firms - Bloomberg: "These programs, whose participants are known as trusted partners, extend far beyond what was revealed by Edward Snowden, a computer technician who did work for the National Security Agency. The role of private companies has come under intense scrutiny since his disclosure this month that the NSA is collecting millions of U.S. residents’ telephone records and the computer communications of foreigners from Google Inc (GOOG). and other Internet companies under court order."

more news below



The Spy Chief Leading Us Into Cyberwar

NSA Snooping Was Only the Beginning. Meet the Spy Chief Leading Us Into Cyberwar | Threat Level | Wired.com: "But there is a flip side to this equation that is rarely mentioned: The military has for years been developing offensive capabilities, giving it the power not just to defend the US but to assail its foes. Using so-called cyber-kinetic attacks, Alexander and his forces now have the capability to physically destroy an adversary’s equipment and infrastructure, and potentially even to kill. Alexander—who declined to be interviewed for this article—has concluded that such cyberweapons are as crucial to 21st-century warfare as nuclear arms were in the 20th."

more news below



Google Uncovers Iran Spying

The surveillance campaign is just the latest evidence that political groups are increasingly using digital means to keep tabs on their opposition. During elections last April in Malaysia, security researchers at the University of Toronto’s Citizen Lab found evidence that servers in Malaysia were running FinSpy, a surveillance tool sold to governments by the British surveillance firm Gamma Group. According to security researchers, the targets appeared to be members of Malaysia’s opposition party. (source infra)

Google Says It Has Uncovered Iranian Spy Campaign - NYTimes.com
By By NICOLE PERLROTH
The timing of the effort, which has been targeting Iranian citizens, suggests that the attacks are related to the upcoming Iranian presidential election, Google said. Read more…
NYT Bits

more news below



Code name Verax, Snowden knew the risks

Code name ‘Verax’: Snowden, in exchanges with Post reporter, made clear he knew risks - The Washington Post: "“Perhaps I am naive,” he replied, “but I believe that at this point in history, the greatest danger to our freedom and way of life comes from the reasonable fear of omniscient State powers kept in check by nothing more than policy documents.” The steady expansion of surveillance powers, he wrote, is “such a direct threat to democratic governance that I have risked my life and family for it.” In an e-mail on May 24, he dropped a bombshell. Whistleblowers before him, he said, had been destroyed by the experience. Snowden wanted “to embolden others to step forward,” he wrote, by showing that “they can win.” He therefore planned to apply for asylum in Iceland or some other country “with strong internet and press freedoms,” although “the strength of the reaction will determine how choosy I can be.”"

more news below



Obama's Secret Courts, FISC, unlawful surveillance

US Department of Justice Fights to Stop Release of Secret Court Opinion on Unlawful Surveillance of Americans--

Future Tense: " . . . . On a U.S. government database somewhere, there is a classified court opinion that details unlawful surveillance of Americans’ communications. And the Justice Department is fighting to keep it secret. Last year, Sen. Ron Wyden, D-Ore., revealed that the Foreign Intelligence Surveillance Court had found “on at least one occasion” that the government had conducted spying that was “unreasonable under the Fourth Amendment,” which is designed to prevent unreasonable searches and seizures. Wyden said that the FISC, which operates largely in secret, had found that the government acted unconstitutionally in how it had implemented so-called “minimization procedures” intended to limit how data on Americans are collected and retained. The senator added that the government was found to have “circumvented the spirit” of the Foreign Intelligence and Surveillance Act, a controversial spy law that civil liberties groups claim effectively allows “dragnet surveillance.” When Wyden revealed the FISC ruling on the unlawful snooping, he did not disclose details about exactly what the surveillance involved or how many Americans were affected. But his comment prompted the Electronic Frontier Foundation to take legal action in an attempt to obtain more information. After filing suit in a district court, the rights group successfully established earlier this year that the Justice Department holds an 86-page FISC opinion, issued on Oct. 3, 2011, which appears to be the case Wyden cited. . . ."(more at link above)

more news below



cyber security - Google News

cyber warfare - Google News

cyber defense - Google News

US-CERT Cyber Security Tips

Cyber War News

Alive in the Cloud

expri.com